Cisco Unified CallManager Administration Guide, Release 5.0(4)
LDAP System Configuration
Downloads: This chapterpdf (PDF - 176.0KB) The complete bookPDF (PDF - 6.58MB) | Feedback

LDAP System Configuration

Table Of Contents

LDAP System Configuration

Updating LDAP System Information

LDAP System Configuration Settings

Related Topics


LDAP System Configuration


In Cisco Unified CallManager Release 5.0 and above, directory configuration takes place in three related windows:

LDAP System

LDAP Directory

LDAP Authentication

Changes to LDAP Directory information and LDAP Authentication settings are possible only if synchronization from the customer's LDAP directory is enabled in the Cisco Unified CallManager Administration LDAP System window.

Administrators use this window to enable LDAP synchronization and to set up the LDAP server type and the LDAP attribute name for the user ID.


Note After an LDAP Directory configuration for the DirSync service gets created or the LDAP user authentication is enabled, the settings in the LDAP System window become read-only.


Use the following topics to configure LDAP system information:

Updating LDAP System Information

LDAP System Configuration Settings

Additional Information

See the "Related Topics" section.

Updating LDAP System Information

Use the following procedure to update LDAP system information.

Before You Begin

The setting of the Enable Synchronizing from LDAP Server check box in this window affects the administrator's ability to modify end users. LDAP synchronization applies only to end users; LDAP synchronization does not affect application users. Refer to the "Understanding the Directory" section on page 20-1 for more information about LDAP synchronization.

For end user data, administrators cannot use the End User Configuration window to update the attributes that get synchronized from the corporate directory. These attributes can be updated only in the corporate directory itself, after which a resynchronization should be performed.


Note If end users exist in the Cisco Unified CallManager database before synchronization with a corporate directory occurs, these end users will be deleted. If Cisco Unified CallManager was already synchronized with a different type of server, existing users will be marked with a Delete Pending status. A garbage collector program that runs nightly will delete these users from the database.


Procedure


Step 1 Choose System > LDAP > LDAP System.

Step 2 Enter the appropriate configuration settings as described in Table 12-1.

Step 3 To save your changes, click Save.


Additional Information

See the "Related Topics" section.

LDAP System Configuration Settings

Table 12-1 describes the LDAP system configuration settings. For related procedures, see the "Related Topics" section.

Table 12-1 LDAP System Configuration Settings 

Field
Description
LDAP System Information

Enable Synchronizing from LDAP Server

To enable synchronization of data from the customer's LDAP server, check this check box.

If synchronization with the LDAP server is enabled, the following circumstances occur:

The administrator cannot modify end user data, except for the fields (attributes) that are not synchronized from the corporate directory. Example: user PIN. (The administrator can always modify application user data.)

The administrator can modify the LDAP Directory information.

The administrator can modify LDAP Authentication information.

If synchronization with the LDAP server is not enabled (is disabled), the following circumstances occur:

The administrator cannot modify LDAP Directory information.

The administrator cannot modify LDAP Authentication information.

LDAP Server Type

If synchronization with the LDAP server is currently enabled, you can choose one of the selections in this drop-down list box. Choose the value that corresponds to the customer's LDAP server type:

Microsoft Active Directory

Netscape LDAP Server

LDAP Attribute for User ID

If synchronization with the LDAP server is enabled, you can choose an LDAP attribute value for the user ID. Choose one of the following values from the drop-down list box:

for Microsoft Active Directory:

sAMAccountName

mail

employeeNumber

for Netscape LDAP Server:

uid

mail

employeeNumber


Related Topics

LDAP System Configuration

Updating LDAP System Information

LDAP System Configuration Settings

Understanding the Directory, Cisco Unified CallManager System Guide

LDAP Directory Configuration

LDAP Authentication Configuration

Application User Configuration, page 86-1

End User Configuration, page 87-1

Application Users and End Users, Cisco Unified CallManager System Guide